[sudo-users] excluding a user from all sudo logging
Peter Smith
Peter.Smith3 at tafensw.edu.au
Thu Sep 12 22:47:50 MDT 2019
Hey, sudo-users peeps.
I've RTFM, and STFW, but stumped on this one:
I'm trying to exclude a single user from all sudo logging.
* We're using logging via sudo-io for sudoreplay.
14:33<https://studiosysadmins.slack.com/archives/C1WCYK742/p1568349210066000>
* The user is ServiceNow, doing it's "service discovery" part, and it's being fully logged, and we're running out of inodes.
14:36<https://studiosysadmins.slack.com/archives/C1WCYK742/p1568349400066800>
* Further complicated by Centos 6, and hence "sudo-1.8.6.xxx" which pre-dates the "maxseq" facility ...
I've tried: Defaults:servicenow !syslog
And also managed to suppress the input and output.
But the files and dirs are still created under /var/log/sudo-io/, even if empty.
Pointers appreciated!
TIA
Pete Smith
--
***** The contents of this email and its attachments are confidential and intended solely for the use of the individual or entity to whom they are addressed. *****
More information about the sudo-users
mailing list